Wu Blockchain has learned that the security company Blockaid reported a custom extension contract on Ethereum's Ekubo Protocol was exploited, resulting in approximately $1.4 million in losses. Blockaid stated that the vulnerability stems from the extension contract failing to verify whether the payer is the lock initiator or an authorized payer during payment callbacks. This allowed attackers to use transferFrom to drain funds from users who had granted ERC-20 allowances to the contract. Currently, only users who authorized this v2 contract as a spender are at risk. https://(wublock123.com)/news/ekubo-protocol-exploit-loss-1-4m-usd-60608